But even if the systems impacting security were not directly affected, the information stolen could be used by attackers to impersonate airline officials with access to sensitive areas, according to Johannes Ullrich, the dean of research at the SANS Institute, which provides cybersecurity certifications and research.
“It’s very risky” because “we don’t know how [the attackers] are going to use the data that they now control. They could apply to jobs with that information,” Ullrich said. “If they have the information from a solid job application and they can impersonate them, it could place them in places of trust. It might be in backend systems that exchange flight data and such, potentially disrupting air travel.”
When asked how ICAO can say that this incident won’t affect aviation safety or security, Raillant-Clark said that the systems affected by this incident are not in any way connected or related to ICAO’s aviation safety or security work.
